[client] Adapt sharing and start restrict access

richard-julien · JeremyCloarec · commit 050e4e16978d · 2025-04-15T18:03:32.000+02:00
diff --git a/pycti/entities/opencti_stix_core_object.py b/pycti/entities/opencti_stix_core_object.py
@@ -1753,6 +1753,33 @@ def rules_rescan(self, **kwargs):
             self.opencti.app_logger.error("[stix_core_object] Missing parameters: id")
             return None
 
+    """
+        Ask clear restriction
+
+        :param element_id: the Stix-Core-Object id
+        :return void
+    """
+
+    def clear_access_restriction(self, **kwargs):
+        element_id = kwargs.get("element_id", None)
+        if element_id is not None:
+            query = """
+                mutation StixCoreObjectEdit($id: ID!) {
+                    stixCoreObjectEdit(id: $id) {
+                        clearAccessRestriction
+                    }
+                }
+            """
+            self.opencti.query(
+                query,
+                {
+                    "id": element_id,
+                },
+            )
+        else:
+            self.opencti.app_logger.error("[stix_core_object] Missing parameters: id")
+            return None
+
     """
         Ask enrichment with multiple connectors
 
@@ -1789,11 +1816,11 @@ def ask_enrichment(self, **kwargs):
         :return void
     """
 
-    def organization_share(self, entity_id, organization_ids):
+    def organization_share(self, entity_id, organization_ids, sharing_direct_container):
         query = """
-            mutation StixCoreObjectEdit($id: ID!, $organizationId: [ID!]!) {
+            mutation StixCoreObjectEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
                 stixCoreObjectEdit(id: $id) {
-                    restrictionOrganizationAdd(organizationId: $organizationId) {
+                    restrictionOrganizationAdd(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
                       id
                     }
                 }
@@ -1804,6 +1831,7 @@ def organization_share(self, entity_id, organization_ids):
             {
                 "id": entity_id,
                 "organizationId": organization_ids,
+                "directContainerSharing": sharing_direct_container,
             },
         )
 
@@ -1815,11 +1843,13 @@ def organization_share(self, entity_id, organization_ids):
         :return void
     """
 
-    def organization_unshare(self, entity_id, organization_ids):
+    def organization_unshare(
+        self, entity_id, organization_ids, sharing_direct_container
+    ):
         query = """
-            mutation StixCoreObjectEdit($id: ID!, $organizationId: [ID!]!) {
+            mutation StixCoreObjectEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
                 stixCoreObjectEdit(id: $id) {
-                    restrictionOrganizationDelete(organizationId: $organizationId) {
+                    restrictionOrganizationDelete(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
                       id
                     }
                 }
@@ -1830,6 +1860,7 @@ def organization_unshare(self, entity_id, organization_ids):
             {
                 "id": entity_id,
                 "organizationId": organization_ids,
+                "directContainerSharing": sharing_direct_container,
             },
         )
 
diff --git a/pycti/utils/opencti_stix2.py b/pycti/utils/opencti_stix2.py
@@ -2479,12 +2479,18 @@ def rules_rescan(self, item):
         self.opencti.stix_core_object.rules_rescan(element_id=item["id"])
 
     def organization_share(self, item):
-        organization_ids = item["organization_ids"]
-        self.opencti.stix_core_object.organization_share(item["id"], organization_ids)
+        organization_ids = item["sharing_organization_ids"]
+        sharing_direct_container = item["sharing_direct_container"]
+        self.opencti.stix_core_object.organization_share(
+            item["id"], organization_ids, sharing_direct_container
+        )
 
     def organization_unshare(self, item):
-        organization_ids = item["organization_ids"]
-        self.opencti.stix_core_object.organization_unshare(item["id"], organization_ids)
+        organization_ids = item["sharing_organization_ids"]
+        sharing_direct_container = item["sharing_direct_container"]
+        self.opencti.stix_core_object.organization_unshare(
+            item["id"], organization_ids, sharing_direct_container
+        )
 
     def apply_opencti_operation(self, item, operation):
         if operation == "delete" or operation == "delete-force":
@@ -2507,7 +2513,11 @@ def apply_opencti_operation(self, item, operation):
             self.organization_share(item=item)
         elif operation == "unshare":
             self.organization_unshare(item=item)
-        elif operation == "enrichment":
+        elif operation == "clear_access_restriction":
+                    self.opencti.stix_core_object.clear_access_restriction(
+                        element_id=item["id"]
+                    )
+                elif item["opencti_operation"] == "enrichment":
             connector_ids = item["connector_ids"]
             self.opencti.stix_core_object.ask_enrichment(
                 element_id=item["id"], connector_ids=connector_ids
